[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [rdiff-backup-users] operational questions
|
From: |
John Labovitz |
|
Subject: |
Re: [rdiff-backup-users] operational questions |
|
Date: |
Tue, 27 Apr 2004 16:52:09 -0700 |
On Apr 27, 2004, at 10:17 AM, Eric S. Johansson wrote:
any suggestions for somehow protecting rdiff backed up data on a
friendly foreign machine?
Two possibilities, off the top of my head --
1. Use an encrypted sparse file image on the foreign machine. This
will let you have a file system that, when unmounted, is a big blob of
a file. (See Disk Utility and "hdiutil" for more details.) However,
you'll have to find a way to mount/unmount the image when the remote
rdiff-backup logs in. You might be able to use ssh "subsystems" to do
this -- see "man sshd_config".
However, I see two holes with this: first, once the image has been
mounted, the files on it are readable to the admin of the foreign
machine. So it's not completely opaque. Secondly, it seems fairly
possible for the connection to die in such a way that the image is
never unmounted -- leaving it open again.
2. Use rdiff-backup to a *local* encrypted sparse image, then use rsync
to mirror changes in that image over to the foreign machine. (Rsync
has a --sparse option that may work well here.)
The obvious disadvantage with option #2 is that you have to store your
diffs locally. It also may require a large diff, since at least parts
of the sparse image are being completely re-encrypted.
Again, I haven't really tried either of these -- just throwing them out
as ideas.
--
John Labovitz Consulting, LLC
http://mac.johnlabovitz.com
address@hidden
+1 503.949.3492